On Fri, Mar 30 2012, Gabriel Hurley wrote:
In practice today, Keystone no longer has global roles, and RBAC
implementation isn't fully there yet across the ecosystem. So projects have
adopted inconsistent means of determining when and how to grant
admin-level privileges to that user. This
On Mar 30, 2012, at 7:41 AM, Julien Danjou wrote:
On Fri, Mar 30 2012, Gabriel Hurley wrote:
In practice today, Keystone no longer has global roles, and RBAC
implementation isn't fully there yet across the ecosystem. So projects have
adopted inconsistent means of determining when and how to
Danjou
Cc: openstack@lists.launchpad.net
Subject: Re: [Openstack] Admin-ness in Keystone, Nova, et. al.
Commented on the first bug.
On Fri, Mar 30, 2012 at 7:41 AM, Julien Danjou julien.dan...@enovance.com
wrote:
On Fri, Mar 30 2012, Gabriel Hurley wrote:
In practice today, Keystone
FWIW, it is possible in Glance to set the configuration option
admin_role value to something other than admin -- for instance
glance:admin -- to use a different role than admin to indicate a
role that should only be able to admin Glance and not other endpoints.
@lists.launchpad.net] On Behalf Of
Jay Pipes
Sent: Friday, March 30, 2012 11:33 AM
To: openstack@lists.launchpad.net
Subject: Re: [Openstack] Admin-ness in Keystone, Nova, et. al.
FWIW, it is possible in Glance to set the configuration option
admin_role value to something other than admin
To: openstack@lists.launchpad.net
Subject: Re: [Openstack] Admin-ness in Keystone, Nova, et. al.
FWIW, it is possible in Glance to set the configuration option
admin_role value to something other than admin -- for instance
glance:admin -- to use a different role than admin to indicate a
role that should only
In the last couple days, a few troubling bugs have been uncovered using Horizon
that point to a much deeper problem of admin-ness in Essex. First, the two
most recent bugs:
1. https://bugs.launchpad.net/keystone/+bug/968696
Summary: having an admin role on any tenant gives you admin rights in
7 matches
Mail list logo
